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DETAILED ACTION 



1. Claims 1-22 are amended 



Response to Arguments 

Applicant's arguments with respect to claims 1-22 have been considered but are 
moot in view of the new ground(s) of rejection. Applicant's amendment filed on 
3/21/2007 necessitated new ground(s) of rejection, therefore Applicant's argument are 
considered moot. 



Claim Objections 

Claim 1 is objected to because of the following informalities: Applicant claims 
"the set of data is used to diagnosis the software execution" the Examiner suggests 
changing this to "the set of data is used to diagnose the software execution." 
Appropriate correction is required. 

Claim Rejections - 35 USC § 101 

35 U.S.C. 101 reads as follows: 



Whoever invents or discovers any new and useful process, machine, manufacture, or composition of 
matter, or any new and useful improvement thereof, may obtain a patent therefor, subject to the 
conditions and requirements of this title. 
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Claims 20-22 are rejected under 35 U.S.C. 101 because the claimed invention is 
directed to non-statutory subject matter. Claim 20 claims "a computer program 
product." A computer program product is considered software per se and is considered 
non-statutory. 



Claim Rejections - 35 USC § 103 

The following is a quotation of 35 U.S.C. 103(a) which forms the basis for all 

obviousness rejections set forth in this Office action: 

(a) A patent may not be obtained though the invention is not identically disclosed or described as set 
forth in section 102 of this title, if the differences between the subject matter sought to be patented and 
the prior art are such that the subject matter as a whole would have been obvious at the time the 
invention was made to a person having ordinary skill in the art to which said subject matter pertains. 
Patentability shall not be negatived by the manner in which the invention was made. 

This application currently names joint inventors. In considering patentability of 
the claims under 35 U.S.C. 103(a), the examiner presumes that the subject matter of 
the various claims was commonly owned at the time any inventions covered therein 
were made absent any evidence to the contrary. Applicant is advised of the obligation 
under 37 CFR 1 .56 to point out the inventor and invention dates of each claim that was 
not commonly owned at the time a later invention was made in order for the examiner to 
consider the applicability of 35 U.S.C. 103(c) and potential 35 U.S.C. 102(e), (f) or (g) 
prior art under 35 U.S.C. 1 03(a). 
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Claims 1-22 are rejected under 35 U.S.C. 103(a) as being unpatentable over 
Circenis (US 20040054908) in view of The IBM Certification Study Guide AIXV4.5 
System Administration (1999) (hereafter referred to as IBM). 

Regarding Claims 1 and 3, 

Circenis teaches a system that allows analysis of software running in a tamper- 
resistant environment, the system comprising ("A tamper-evident data management 
system... includes an application for collecting usage or metrics data from the computer 
system" Abstract).: 

a processor which monitors at least one instance of software execution identified 
and selected by a user to be monitored and creates a log entry with at least one of a 
set of data is used to diagnose the software execution; ("Using the tamper-evident 
system 200 of Fig. 3, a sender is able to monitor and control application utilization by collecting 
data associated with the application, creating tamper-evident data records, and providing the 
tamper-evident data records" Paragraph [0037]) 

an encryption system which encrypts the log entry for the at least one set of data 
(Figure 4 teaches encrypting the log entry for at least one set of data, particularly step 320 
"Sign data entry with application private key", step 325 "Encrypt with vendor public key" and 
step 330 "Store in data log") 

Circenis does not explicitly teach a 
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a log file of a relatively-fixed size which stores the log entry for the at least one 
set of data which have been encrypted; 

IBM teaches 

a log file of a relatively-fixed size which stores the log entry for the at least one 
set of data which have been encrypted; ("The alog command can maintain and manage 
logs. It reads standard inpu , writes to standard output, and copies the output into a fixed-size 
file. This file is treated as a circular log" Section 2.4.1) 

a system for wrapping around and filling the log file from a beginning when the 
log file has been filled, allowing the log file to remain at a substantially-constant size 
even after the log file has been filled with data and a new entry is received. ("If the file is 
full, new entries are written over the oldest existing entries" Section 2.4. 1). It is inherent that a 
circular log will wrap around and fill the log file from a beginning when the log file has been 
filled. 

It would have been obvious to one of ordinary skill in the art at the time of the 
invention to modify the monitoring system of Circenis to store the encrypted log entries 
in a circular log as described by IBM. 

The motivation is that a circular log is a well known way to store a log file, where 
the circular log is inherently of a fixed size. It is inherent that a circular log will contain at 
least a pointer which identifies the next storage location for a next log entry. 

The combined references of Circenis and IBM do not explicitly teach where 
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random data in the log file when it is originally created and which is replaced by 
log entries so that a size of the log including log entries appears to be a substantially- 
constant size; 

It would have been obvious to one of ordinary skill in the art at the time of the 
invention to insert random data into the log file when it is initially created. 

The motivation is that it is inherent that the circular log is of a fixed size so it must 
be initialized with some values. One of ordinary skill in the art would know to initialize 
the circular log with random values. 

Regarding Claim 2, 

The combined references of Circenis and IBM teach a system including the 
elements of claim 1 wherein the system includes a transmission system for sending. the 
log file, upon command, to a secure processing location away from the system in which 
the log file was created. ("The data log may also be transmitted to a remote system 
(comprising, for example, the validation computer 150) over a network connection" Paragraph 
[0043] of Circenis, Figure 3 shows the transmission of the log file 11 5 to the secure processing 
location away from the system 150) 



Regarding Claim 4, 
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The combined references of Circenis and IBM teach a system including the 
elements of claim 1 wherein the system includes a mechanism for obscuring a log 
entry which has been created. (Figure 4 of Circenis teaches encrypting the log entry for at 
least one set of data, particularly step 320 "Sign data entry with application private key", step 
325 "Encrypt with vendor public key" and step 330 "Store in data log") 

Regarding Claim 5, 

The combined references of Circenis and IBM teach a system including the 
elements of claim 4, Circenis further teaches the mechanism for obscuring the activity 
for which a log entry is created includes a printing function for writing into the log file. 

("The customer site that forbids electronic media leaving the site may require that 
the vendor print out any validated and decrypted data logs and bring the printout back 
to the vendor site for processing and billing." Paragraph [0034]) The Examiner 
interprets printing out the data logs as the printing function. 

Regarding Claim 6, 

The combined references of Circenis and IBM teach a system including the 
elements of claim 2 wherein the system includes a mechanism for receiving an 
indication from a user that transmission is desired and transmits the log file in response 
to that indication. (Tig. 5 is a flowchart illustrating steps in validating the data. The program 
starts (step 355) and the data log is copied to the validation computer through an intermediary 
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device or medium (step 360)") Before the data can be validated there must inherently be some 
indication for the log file to be transmitted. 

Regarding Claim 7, 

The combined references of Circenis and IBM teach a system including the 
elements of claim 1 wherein the system further includes a mechanism for receiving ah 
input from a user that initiates logging of log entries into the log file each time logging is 
desired by the user. ("The iCOD computer could save usage data to a log file or a central 
metering device that a vendor employee could check periodically by visiting the site. " 
Paragraph [0024]) The Examiner interprets the vendor employee as the user the indicates 
logging is desired) 

Regarding Claim 8, 

The combined references of Circenis and IBM a system including the elements of 
claim 1 wherein the system further includes an initializing mechanism for determining 
each instance logging is to begin and initiating logging of log entries only in response to 
that initializing mechanism. ("The iCOD computer could save usage data to a log file or a 
central metering device" Paragraph [0024]) ("an iCOD computer residing on an isolated site 
should be designed to discourage any reverse engineering or other tampering and to make 
such tampering evident to the iCOD computer vendor" Paragraph [0023]) The Examiner 
interprets the iCOD inherently having an initializing mechanism. The Examiner interprets the 
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design to discourage tampering as so that only logging entries are only initiated in response to 
the initializing mechanism. 

Regarding Claim 9, 

The combined references of Circenis and IBM teach a system including the 
elements of claim 1 wherein the system uses a public key to encrypt the log entry 
which has been created and a private key corresponding to the public key is used to 
decrypt the log which has been created at a secure location. ("Public and private 
encryption/decryption key pairs where data encrypted by a public key can only be decrypted 
with a corresponding private key, and visa versa, provide data confidentiality" Paragraph 
[0025], Figure 4 of Circenis shows encryption and Figure 5 shows decryption) 

Regarding Claim 10 

Circenis teaches a method for diagnosing software in a tamper-resistant 
environment comprising the steps of: 

monitoring at least one software operation activity within the tamper-resistant 
environment and generating messages in response to at least one instance of software 
execution within the tamper-resistant environment; ("Using the tamper-evident system 
200 of Fig. 3, a sender is able to monitor and control application utilization by collecting data 
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associated with the application, creating tamper-evident data records, and providing the 
tamper-evident data records" Paragraph [0037]) 

logging at least one software operation activity relating to a generated message 
by replacing a random data with an encrypted record of the software operation activity; 

(Figure 4 teaches encrypting the log entry for at least one set of data, particularly step 
320 "Sign data entry with application private key", step 325 "Encrypt with vendor public key" 
and step 330 "Store in data log") 

and sending the log file to a secure location where it the log file can be decrypted 
and analyzed; ("The data log may also be transmitted to a remote system (comprising, for 
example, the validation computer 150) over a network connection" Paragraph [0043] of 
Circenis, Figure 3 shows the transmission of the log file 115 to the secure processing location 
away from the system 150) 

and analyzing the decrypted log file data and providing information on the 
operation of the software in the tamper-resistant environment, f The use of the vendor 
public and private keys ensures that only the vendor can decrypt the data logon the computer 
system... to preserve the confidentiality of the data log" Paragraph [0043]) It is inherent that the 
data log will provide information on the operation of the software in the tamper-resistant 
environment 

Circenis does not explicitly teach 

turning on logging and establishing a pointer for a location of a next logged 
software operation activity; 
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moving the pointer when a log entry has been made to a next available log 
position; 

wrapping the pointer to a beginning of the log file when the log file is full of log 
entries; 

IBM teaches turning on logging and establishing a pointer for a location of a next 
logged software operation activity; moving the pointer when a log entry has been made 
to a next available log position; f The alog command can maintain and manage logs. It 
reads standard input, writes to standard output, and copies the output into a fixed-size file. This 
file is treated as a circular log" Section 2.4.1) It is inherent that a circular log has a pointer that 
moves to the next logged software operation activity. 

wrapping the pointer to a beginning of the log file when the log file is full of log 
entries; ("If the file is full, new entries are written over the oldest existing entries" Section 
2.4. 1). It is inherent that a circular log will wrap around and fill the log file from a beginning when 
the log file has been filled. 

The combined references of Circenis and IBM do not further teach generating a 
log file full of random data; 

It would have been obvious to one of ordinary skill in the art at the time of the 
invention to insert random data into the log file when it is initially created. 

The motivation is that it is inherent that the circular log is of a fixed size so it must 
be initialized with some values. One of ordinary skill in the art would know to initialize 
the circular log with random values. 
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Regarding Claim 11, 

Circenis and IBM teach a method including the steps of claim 10 wherein the 
step of turning on logging includes the steps of receiving an user input that logging is 
desired and initiating the logging in response thereto. ("The iCOD computer could save 
usage data to a log file or a central metering device that a vendor employee could check 
periodically by visiting the site." Paragraph [0024]) The Examiner interprets the vendor 
employee as the user the indicates logging is desired) 

Regarding Claim 12, 

Circenis and IBM teach a method including the steps of claim 10 wherein the 
step of at least one software operation activity further includes the steps of determining 
whether the software operation activity is to be logged, The Examiner interprets that 
before the data is logged, inherently, there must be a step of determining whether the activity is 
to be logged. 

and if so, determining when to encrypt the software operation activity to obscure 
what is being logged. ("Encryption may be added to keep the customer's data log 
confidential" Paragraph [0039]) The Examiner interprets that before the data log is encrypted 
there must inherently be a determining step of when to encrypt the software activity 

Regarding Claim 13, 
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Circenis and IBM teach a method including the steps of claim 10 wherein the step of I 
ogging the software operation activity further includes the steps of determining a 

next available log position, It is inherent that a circular log requires determing a next 

available log position. 

replacing existing data in the location with the data from the software operation 

activity, ("If the file is full, new entries are written over the oldest existing entries" Section 2.4. 1, 

IBM). 

and updating the pointer to provide a location of the next logged software 
operation activity. It is inherent that a circular log updates the pointer to provide a location of 
the next activity. 

Regarding Claim 14, 

Circenis and IBM teach a method including the steps of claim 10 and further 
including the step of receiving a command from a user that indicates that sending the 
log file to a remote location is desired and transmitting the log file in response thereto. 

("Fig. 5 is a flowchart illustrating steps in validating the data. The program starts (step 355) and 
the data log is copied to the validation computer through an intermediary device or medium 
(step 360)") Before the data can be validated there must inherently be some indication for the 
log file to be transmitted. 



Regarding Claim 15, 
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Circenis teaches a method of analyzing the operation of software in a remote 
protected processing environment, the method including: 

receiving from the remote protected processing environment an encrypted log file 
comprising at least one log entry with at least one set of data derived from at least one 
instance of software execution monitored in response to a user identifying and 
selecting the one instance of software execution, whereby the set of data is used to 
diagnose the software execution; ("The data log also may be transmitted to a remote 
system (comprising, for example, the validation computer) over a network connection" 
Paragraph [0043]) 

determining a decrypting key for the encrypted log file and decrypting the 
encrypted log file; ("The software on the validation computer may then decrypt each of the 
data log entries in the data log using the vendor private key" Paragraph [0043]) 

analyzing the log entry at the remote protected processing environment and to 
determine whether an operation of the remote protected processing environment 
corresponding to the at least one set of data derived from at least one instance of 
software execution is appropriate; ("The data log is then further inspected by the vendor for 
evidence of customer tampering. " Paragraph [0044]) 

and reporting the results of the analyzing step. (The Examiner interprets the vendor 
inspecting the data logs as reporting the results of the analyzing step) 

Circenis does not explicitly teach that the data log is of substantially-constant size 
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IBM teaches that the data log is of substantially-constant size. 
("The alog command can maintain and manage logs. It reads standard input , writes to 
standard output, and copies the output into a fixed-size file. This file is treated as a circular log" 
Section 2.4.1) 

It would have been obvious to one of ordinary skill in the art at the time of the invention 
to combine the data log monitoring system of Circenis with the fixed-sized log (circular 
log) of IBM. 

The motivation is that the circular log is well known in the art and without much 
modification the circular log can be used in the system of Circenis with no difference in 
result. 

Regarding Claim 16, 

Circenis and IBM teach a method providing the steps of claim 15. It is inherent that 
before "the data log... may be transmitted to a remote system" (Paragraph [0043]) that 
an instruction to send the encrypted log file to the remote location is inherently needed. 
Circenis teaches including providing an instruction to initiate a logging of messages 
each time logging is desired by the user ("The iCOD computer could save usage data to a 
log file or a central metering device that a vendor employee could check periodically by visiting 
the site. " Paragraph [0024]) The Examiner interprets the vendor employee as the user the 
indicates logging is desired) 
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Regarding Claim 17, 

Circenis and IBM teach a method providing the steps of claim 16. 

Circenis and IBM do not explicitly teach wherein the instruction to initiate logging 
of messages includes the step of initiating programming within the remote protected 
processing environment to replace information in the encrypted log file with encrypted 
information relating to the operation of the remote protected processing environment. 

It would have been obvious to one of ordinary skill in the art at the time of the 
invention to include programming within the remote system to replace information in 
the encrypted file log with encrypted information relating to the operation of the remote 
protected system. 

The motivation is that in the system of Circenis, once the data log is passed to 
the remote system, it is in the hands of the vendor or system administrator. Because 
tampering is no longer an issue the vendor can adjust the data log to include whatever 
instruction is deemed necessary. One of ordinary skill in the art would be able to 
replace encrypted data log information with encrypted information relating to the 
operation of the remote protected system. 



Regarding Claim 18, 
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Circenis and IBM teach a method providing the steps of claim 17. 

Circenins and IBM do not explicitly teach wherein the step of replacing 
information in the encrypted log file includes the step of replacing random data which 
was placed in the encrypted log file when it was created. 

It would have been obvious to one of ordinary skill in the art at the time of the 
invention to insert random data into the log file when it is initially created. 

The motivation is that it is inherent that the circular log is of a fixed size so it must 
be initialized with some values. One of ordinary skill in the art would know to initialize 
the circular log with random values. 

Regarding Claim 19, 

Circenis and IBM teach a method providing the steps of claim 17. IBM teaches a 
circular log wherein the step of replacing information in the log file inherently includes 
the step of using a pointer to a next location in the log file and the pointer wraps to a 
beginning the log file after the encrypted log file has been filled. 

Regarding Claim 20, 

Circenis teaches a computer program product for analyzing software running in a 
tamper-resistant environment, the computer program product comprising instructions 
for: 
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at least one set of data serviced from at least one instance of software execution 
identified and selected by a user to be monitored whereby the set of data is used to 
diagnose the software execution; ("Using the tamper-evident system 200 of Fig. 3, a sender 
is able to monitor and control application utilization by collecting data associated with the 
application, creating tamper-evident data records, and providing the tamper-evident data 
records" Paragraph [0037]) 

encrypting the recording of the at least one set of data using a key; (Figure 4 
teaches encrypting the log entry for at least one set of data, particularly step 320 "Sign data 
entry with application private key", step 325 "Encrypt with vendor public key" and step 330 
"Store in data log") , 

responding to a command and sending the encrypted log file comprising the at 
least one set of data which has been encrypted and sequentially recoded in the storage 
block to a remote location for decryption and analysis. ("The data log may also be 
transmitted to a remote system (comprising, for example, the validation computer 150) over a 
network connection" Paragraph [0043] of Circenis, Figure 3 shows the transmission of the log 
file 115 to the secure processing location away from the system 150). The Examiner interprets 
the data in the log of Circenis as being sequentially recoded. ("The sequence numbers of the 
data log entries are also checked for gaps or data log entries that are out of sequence" 
Paragraph [0044]) 

* v 

Circenis does not explicitly teach 
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recording at least one set of data, which has been encrypted sequentially in a 
storage block of a substantially fixed size; 

maintaining a pointer to a next available location for recording the at least one set 
of data sequentially in the storage block; 

IBM teaches recording at least one set of data, which has been encrypted in a 
storage block of a substantially fixed size; ("The alog command can maintain and manage 
logs. It reads standard inpu , writes to standard output, and copies the output into a fixed-size 
file. This file is treated as a circular log" Section 2.4. 1) 

It is inherent that a circular log maintains a pointer to a next available location for 
recording the at least one set of data sequentially in the storage block; 

It would have been obvious to one of ordinary skill in the art at the time of the 
invention to modify the monitoring system of Circenis to store the encrypted log entries 
in a circular log as described by IBM. 

The motivation is that a circular log is a well known way to store a log file, where 
the circular log is inherently of a fixed size. It is inherent that a circular log will contain 
at least a pointer which identifies the next storage location for a next log entry. 

Regarding Claim 21, 

Circenis and IBM teach the computer program product of claim 20. Circenis and IBM 
do not further teach instructions for: 
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Initializing the storage block of a substantially fixed size with random information 
which has been encrypted to provide a block of apparent data. 

It would have been obvious to one of ordinary skill in the art at the time of the 
invention to insert random data into the log file when it is initially created. 

The motivation is that it is inherent that the circular log is of a fixed size so it must 
be initialized with some values. One of ordinary skill in the art would know to initialize 
the circular log with random values. 

Regarding Claim 22, 

Circenis and IBM he computer program product of claim 20, further comprising 
instructions for: 

writing the at least one set of data which has been encrypted and recorded 
events in a sequential order in the storage block f The sequence numbers of the data log 
entries are also checked for gaps or data log entries that are out of sequence.. .Inconsistencies 
in... the sequence numbers would provide evidence of tampering with the data log" Paragraph 
[0044]). Because the data log is supposed to be sequential, the Examiner interprets that the 
data is written in a sequential order. 

In a circular log it is inherent for wrapping around when an end of the storage 
block of the substantially fixed-size memory is reached. 



Conclusion 
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Applicant's amendment necessitated the new ground(s) of rejection presented in 
this Office action. Accordingly, THIS ACTION IS MADE FINAL. See MPEP 
§ 706.07(a). Applicant is reminded of the extension of time policy as set forth in 37 
CFR 1.136(a). 

A shortened statutory period for reply to this final action is set to expire THREE 
MONTHS from the mailing date of this action. In the event a first reply is filed within 
TWO MONTHS of the mailing date of this final action and the advisory action is not 
mailed until after the end of the THREE-MONTH shortened statutory period, then the 
shortened statutory period will expire on the date the advisory action is mailed, and any 
extension fee pursuant to 37 CFR 1 .136(a) will be calculated from the mailing date of 
the advisory action. In no event, however, will the statutory period for reply expire later 
than SIX MONTHS from the date of this final action. 

Any inquiry concerning this communication or earlier communications from the 
examiner should be directed to Harris C. Wang whose telephone number is 
5712701462. The examiner can normally be reached on M-F 8-5:30, Alternate Fridays 
Off. 

If attempts to reach the examiner by telephone are unsuccessful, the examiner's 
supervisor, AYAZ R. SHEIKH can be reached on (571)272-3795. The fax phone 
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number for the organization where this application or proceeding is assigned is 571- 
273-8300. 

Information regarding the status of an application may be obtained from the 
Patent Application Information Retrieval (PAIR) system. Status information for 
published applications may be obtained from either Private PAIR or Public PAIR. 
Status information for unpublished applications is available through Private PAIR only. 
For more information about the PAIR system, see http://pair-direct.uspto.gov. Should 
you have questions on access to the Private PAIR system, contact the Electronic 
Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a 
USPTO Customer Service Representative or access to the automated information 
system, call 800-786-91 99 (IN USA OR CANADA) or 571-272-1 000. ^) 



HCW 




